Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Config tests #678

Open
wants to merge 23 commits into
base: master
Choose a base branch
from
Open

Config tests #678

wants to merge 23 commits into from

Conversation

brothercorvo
Copy link
Collaborator

No description provided.

hickey added 23 commits November 20, 2022 13:43
@hickey
Rewrite of MainConfig.py to use singleton
a6676e9 
Signed-off-by: Gerard Hickey <[email protected]>
@hickey
Added PyTest modules to requirements.txt
71e7420 
Signed-off-by: Gerard Hickey <[email protected]>
@hickey
Initial set of tests for MainConfig
7caeaa7 
Signed-off-by: Gerard Hickey <[email protected]>
@hickey
Handle readonly values better in MainConfig
43d0dbe 
Signed-off-by: Gerard Hickey <[email protected]>
@hickey
Removed FTS_FED_PASSWORD as not documented
c27bb73 
Signed-off-by: Gerard Hickey <[email protected]>
@hickey
Added processing of YAML config
ffef445 
Signed-off-by: Gerard Hickey <[email protected]>
@hickey
Added testing of YAML config
d71dbdb 
Signed-off-by: Gerard Hickey <[email protected]>
@hickey
Fixed MainConfig to handle bool env vars
cb5d54b 
Signed-off-by: Gerard Hickey <[email protected]>
@hickey
Fixed default paths based on common variable
2c31620 
Signed-off-by: Gerard Hickey <[email protected]>
@hickey
Added test of YAML config with env var overrides
11f30e4 
Signed-off-by: Gerard Hickey <[email protected]>
@hickey
Added tests to validate config as attributes
1c8cc11 
Signed-off-by: Gerard Hickey <[email protected]>
@hickey
Mass update of code accessing MainConfig
95cc19b 
Signed-off-by: Gerard Hickey <[email protected]>
@hickey
Added AllowCLIIPs to new config architecture
da375f9 
Signed-off-by: Gerard Hickey <[email protected]>
@hickey
Added tests for dealing with list vars (i.e. AllowCLIIPs)
f1a9565 
Signed-off-by: Gerard Hickey <[email protected]>
@hickey
Moved constants to top of MainConfig.py for readability
15ed052 
Signed-off-by: Gerard Hickey <[email protected]>
@hickey
Moved nodeID into new config structure
3d1aeaa 
Signed-off-by: Gerard Hickey <[email protected]>
@hickey
Added reset() to reinit config for testing
7d74c67 
Signed-off-by: Gerard Hickey <[email protected]>
@hickey
Added version and CLIIP to config structure
f71429e 
Signed-off-by: Gerard Hickey <[email protected]>
@hickey
Refactored ip var to private
f94a5d2 
Signed-off-by: Gerard Hickey <[email protected]>
@hickey
Fixed calls for config information
01b5104 
Signed-off-by: Gerard Hickey <[email protected]>
@hickey
Added tests for config vars with dict access
f28c6e2 
Signed-off-by: Gerard Hickey <[email protected]>
@hickey
Updated comments to assist other devs
1f885e7 
Signed-off-by: Gerard Hickey <[email protected]>
@hickey
Clean up from a bad merge
34518fc 
Signed-off-by: Gerard Hickey <[email protected]>
@brothercorvo brothercorvo requested a review from phreed March 4, 2024 16:27
@brothercorvo brothercorvo added this to the 2.3 milestone Apr 21, 2024
@brothercorvo
Copy link
Collaborator Author

@naman108 we should simply delete this one

@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Failed Quality Gate failed

Failed conditions
35 Security Hotspots
E Reliability Rating on New Code (required ≥ A)
C Maintainability Rating on New Code (required ≥ A)
E Security Rating on New Code (required ≥ A)

See analysis details on SonarCloud

Catch issues before they fail your Quality Gate with our IDE extension SonarLint

github-advanced-security[bot]
github-advanced-security bot found potential problems Oct 16, 2024
View reviewed changes
FreeTAKServer/controllers/ServerStatusController.py
@@ -110,7 +112,7 @@
IP = s.getsockname()[0]
else:
pass
conn = requests.get(f'https://{IP}:{SSLDataPackagePort}/Alive', cert=(MainConfig.pemDir, MainConfig.unencryptedKey), verify=False)
conn = requests.get(f'https://{IP}:{SSLDataPackagePort}/Alive', cert=(config.pemDir, config.unencryptedKey), verify=False)

Check failure

Code scanning / SonarCloud

Server certificates should be verified during SSL/TLS connections High

Enable server certificate validation on this SSL/TLS connection. See more on SonarCloud
FreeTAKServer/controllers/services/DataPackageServer.py
@@ -544,7 +548,7 @@
object.detail.mission.MissionChanges.MissionChange.type.setINTAG("ADD_CONTENT")
object.detail.mission.MissionChanges.MissionChange.contentResource.filename.setINTAG(taskid + '.xml')
object.detail.mission.MissionChanges.MissionChange.contentResource.hash.setINTAG(str(hashlib.sha256(
str(open(MainConfig.ExCheckChecklistFilePath + '/' + checklistid + '.xml', 'r')).encode()).hexdigest()))
str(open(config.ExCheckChecklistFilePath + '/' + checklistid + '.xml', 'r')).encode()).hexdigest()))

Check failure

Code scanning / SonarCloud

I/O function calls should not be vulnerable to path injection attacks High

Change this code to not construct the path from user-controlled data. See more on SonarCloud
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@phreed phreed Awaiting requested review from phreed

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
2.3
Development

Successfully merging this pull request may close these issues.
2 participants
@brothercorvo @hickey